Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/cf/fd362f-afcb-4cf5-98c6-0948989e6d55/1/aEC_7TNNCtgoiEpcLAAg9RdkK3Y.roa
File: aEC_7TNNCtgoiEpcLAAg9RdkK3Y.roa (raw, json)
Hash identifier: VLkXLf6CiMeBrv863cB8uOxHmNWy49YukX72ZbHKPbM=
Subject key identifier: 68:40:BF:ED:33:4D:0A:D8:28:88:4A:5C:2C:00:20:F5:17:64:2B:76
Certificate issuer: /CN=7c3d022a240ce71e0a6e1e9aae0112da840cc34b
Certificate serial: 01935E51A83AC2B8344F6672B6EF501BA870
Authority key identifier: 7C:3D:02:2A:24:0C:E7:1E:0A:6E:1E:9A:AE:01:12:DA:84:0C:C3:4B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/fD0CKiQM5x4Kbh6argES2oQMw0s.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/cf/fd362f-afcb-4cf5-98c6-0948989e6d55/1/aEC_7TNNCtgoiEpcLAAg9RdkK3Y.roa
Signing time: Sun 24 Nov 2024 13:17:09 +0000
ROA not before: Sun 24 Nov 2024 13:17:09 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 213960
IP address blocks: 2a05:9080:5::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/cf/fd362f-afcb-4cf5-98c6-0948989e6d55/1/fD0CKiQM5x4Kbh6argES2oQMw0s.crl
rsync://rpki.ripe.net/repository/DEFAULT/cf/fd362f-afcb-4cf5-98c6-0948989e6d55/1/fD0CKiQM5x4Kbh6argES2oQMw0s.mft
rsync://rpki.ripe.net/repository/DEFAULT/fD0CKiQM5x4Kbh6argES2oQMw0s.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 26 Nov 2024 11:27:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:93:5e:51:a8:3a:c2:b8:34:4f:66:72:b6:ef:50:1b:a8:70
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7c3d022a240ce71e0a6e1e9aae0112da840cc34b
Validity
Not Before: Nov 24 13:17:09 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=6840bfed334d0ad828884a5c2c0020f517642b76
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ac:38:28:3e:69:18:3e:b6:7c:76:63:56:a3:55:
5c:64:9d:ba:e4:a9:da:6e:09:1c:a1:8c:db:1f:03:
c6:1c:64:be:dc:9a:a2:d9:1b:68:5b:7b:c3:f6:ea:
da:77:73:eb:a8:f8:d8:25:a8:51:e6:ac:56:88:db:
5c:66:24:b1:9c:4d:ff:81:a0:ab:fa:2a:f2:d2:8e:
ab:68:3e:58:5a:31:d6:e8:4f:db:82:dc:91:20:4d:
e8:0a:1f:50:06:15:ab:f4:c8:af:e0:53:9a:8d:0f:
8a:50:4f:0d:da:e2:32:be:29:40:40:bc:9f:85:03:
ac:ad:7d:d1:f6:01:8d:c1:a1:c6:10:ad:26:4e:20:
c9:1c:0f:a0:44:4f:e3:da:a4:3c:cc:d4:ac:0c:44:
90:23:03:ca:ad:85:63:3f:14:74:a3:b7:d8:97:a7:
72:b0:2d:84:37:ca:a7:fb:5a:23:dd:38:43:4b:45:
ea:2f:eb:aa:6b:3d:81:94:d2:c7:ba:92:3d:23:b1:
19:2e:1c:b1:6e:07:24:f9:a3:c7:fd:0e:06:bb:c1:
04:4f:fd:ec:d9:7e:2d:d4:9a:0b:8e:0b:b3:4f:b8:
00:4b:2e:da:ac:eb:09:6b:22:98:d3:b1:3d:35:af:
a7:20:8f:08:64:60:b4:1e:cb:5f:c7:e6:97:fb:36:
17:ed
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
68:40:BF:ED:33:4D:0A:D8:28:88:4A:5C:2C:00:20:F5:17:64:2B:76
X509v3 Authority Key Identifier:
keyid:7C:3D:02:2A:24:0C:E7:1E:0A:6E:1E:9A:AE:01:12:DA:84:0C:C3:4B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/fD0CKiQM5x4Kbh6argES2oQMw0s.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/cf/fd362f-afcb-4cf5-98c6-0948989e6d55/1/aEC_7TNNCtgoiEpcLAAg9RdkK3Y.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/cf/fd362f-afcb-4cf5-98c6-0948989e6d55/1/fD0CKiQM5x4Kbh6argES2oQMw0s.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:9080:5::/48
Signature Algorithm: sha256WithRSAEncryption
41:82:6d:35:82:63:13:1f:0e:cc:ac:7a:2b:d2:3c:18:93:de:
af:da:e5:8a:c1:a0:97:1a:b0:97:38:a0:60:cd:c5:2f:a9:1d:
da:d8:f1:1a:55:5f:97:b3:c0:ba:90:fd:fa:32:09:06:95:24:
1d:8c:6f:a9:a4:2e:d6:6a:6d:e6:bb:21:7e:ce:34:dd:f3:61:
81:b1:4d:40:52:63:e7:10:be:e9:f4:1b:d2:8e:9a:61:6a:9b:
90:4a:6f:c4:89:0e:e0:10:20:38:f3:21:be:06:a3:e0:40:54:
f7:16:e0:53:8d:68:70:39:d2:8a:35:f2:78:bf:0b:35:10:62:
9b:f6:4f:c6:04:39:74:57:b3:77:6d:2c:ee:fb:2d:d7:6e:c0:
23:61:08:ee:cb:9c:7b:4e:fb:b3:58:87:b8:d6:6c:e2:24:50:
56:2e:c1:75:18:53:77:c5:6c:8a:b6:45:aa:0c:71:70:0a:a6:
ef:f4:fb:0b:d0:be:1a:13:95:57:e8:06:96:7b:06:62:0c:ad:
d9:62:23:16:e3:de:0f:20:04:c6:2e:f5:11:5f:0c:0a:12:76:
37:eb:cc:fb:68:b8:da:ab:ee:15:9c:9b:5f:4a:1d:78:9d:75:
eb:c1:91:48:20:e0:40:bf:99:19:ce:d8:5b:c3:2e:00:58:9d:
4b:7b:88:77
-----BEGIN CERTIFICATE-----
MIIFADCCA+igAwIBAgISAZNeUag6wrg0T2Zytu9QG6hwMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDdjM2QwMjJhMjQwY2U3MWUwYTZlMWU5YWFlMDExMmRhODQw
Y2MzNGIwHhcNMjQxMTI0MTMxNzA5WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2ODQwYmZlZDMzNGQwYWQ4Mjg4ODRhNWMyYzAwMjBmNTE3NjQyYjc2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArDgoPmkYPrZ8dmNWo1VcZJ265Kna
bgkcoYzbHwPGHGS+3Jqi2RtoW3vD9urad3PrqPjYJahR5qxWiNtcZiSxnE3/gaCr
+iry0o6raD5YWjHW6E/bgtyRIE3oCh9QBhWr9Miv4FOajQ+KUE8N2uIyvilAQLyf
hQOsrX3R9gGNwaHGEK0mTiDJHA+gRE/j2qQ8zNSsDESQIwPKrYVjPxR0o7fYl6dy
sC2EN8qn+1oj3ThDS0XqL+uqaz2BlNLHupI9I7EZLhyxbgck+aPH/Q4Gu8EET/3s
2X4t1JoLjguzT7gASy7arOsJayKY07E9Na+nII8IZGC0Hstfx+aX+zYX7QIDAQAB
o4ICDDCCAggwHQYDVR0OBBYEFGhAv+0zTQrYKIhKXCwAIPUXZCt2MB8GA1UdIwQY
MBaAFHw9AiokDOceCm4emq4BEtqEDMNLMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZkQwQ0tpUU01eDRLYmg2YXJnRVMyb1FNdzBzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jZi9mZDM2MmYtYWZjYi00Y2Y1LTk4YzYt
MDk0ODk4OWU2ZDU1LzEvYUVDXzdUTk5DdGdvaUVwY0xBQWc5UmRrSzNZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jZi9mZDM2MmYtYWZjYi00Y2Y1LTk4YzYtMDk0ODk4OWU2ZDU1
LzEvZkQwQ0tpUU01eDRLYmg2YXJnRVMyb1FNdzBzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcAKgWQgAAF
MA0GCSqGSIb3DQEBCwUAA4IBAQBBgm01gmMTHw7MrHor0jwYk96v2uWKwaCXGrCX
OKBgzcUvqR3a2PEaVV+Xs8C6kP36MgkGlSQdjG+ppC7Wam3muyF+zjTd82GBsU1A
UmPnEL7p9BvSjpphapuQSm/EiQ7gECA48yG+BqPgQFT3FuBTjWhwOdKKNfJ4vws1
EGKb9k/GBDl0V7N3bSzu+y3XbsAjYQjuy5x7TvuzWIe41mziJFBWLsF1GFN3xWyK
tkWqDHFwCqbv9PsL0L4aE5VX6AaWewZiDK3ZYiMW494PIATGLvURXwwKEnY368z7
aLjaq+4VnJtfSh14nXXrwZFIIOBAv5kZzthbwy4AWJ1Le4h3
-----END CERTIFICATE-----
Generated at Mon Nov 25 20:46:58 2024 by rpki-client on console-fra.rpki-client.org